Veracode, a leading AppSec partner for creating secure software, announced improved Continuous Software Security Platform in Europe. Companies can now secure their software across the entire software development lifecycle (SDLC) with the addition of dynamic analysis and API scanning capabilities to Veracode’s static analysis, software composition analysis, and manual penetration testing tools.
John Smith, Chief Technology Officer EMEA at Veracode commented, “The European market has a growing need to consolidate and automate application security while meeting stringent data residency requirements. The options for achieving this at scale are limited and complex: on-premises solutions require a large, upfront investment and frequent upgrades, while other SaaS platforms are often a pared-down version of existing on-premises products. Veracode’s cloud-native platform helps customers keep costs down and increase efficiencies by integrating multiple software security tools into one easy-to-use solution that also monitors policy compliance.”
To meet cloud computing policy requirements, Veracode allows customer data to remain resident in the EU. There has never been a greater need for a software security solution based on SaaS that supports data residency. Because of a 20x increase in security scanning cadence over the last decade, organizations are now testing apps for flaws more thoroughly than ever before. Many people are moving to the left and combining static, dynamic, and software composition analysis to gain a more complete picture of risk and policy compliance.
Veracode, which is seamlessly integrated into the environments where developers work, provides a frictionless experience for developers to code securely without compromising delivery speed. This is critical to assisting businesses in keeping up with accelerating deployment times while also providing a comprehensive view of risk, remediation guidance, peer benchmarking, and rich analytics throughout the development pipeline.
The cloud-native platform continuously fine-tunes itself to improve accuracy, yielding low false-positive rates due to nearly two decades of aggregate data. It also improves workflows by running daily vulnerability database updates, so customers are always aware of any potential threats.